The State of Network Security 2012: Executive Report

The “State of Network Security 2012” survey was conducted to analyze security risks and operational challenges, and gauge the effects that next-generation firewalls (NGFWs) are having upon IT security professionals’ workload.

While malware attacks continue to make headlines, today’s security teams are more concerned with the risk from poor internal security processes and insider threats. Adding to this challenge of managing security policies is the adoption of NGFWs, which is adding even more scale and complexity. As NGFWs are adopted more widely, IT Security and Operations teams will need to carefully evaluate the costs and benefits, and plan improvements to their firewall management policies, to avoid increasing security risks and the costs of preventing them.



The State of Network Security 2012: Attitudes and Opinions
The State of IT Security
AlgoSec Survey Insights
© Copyright 2012, AlgoSec Inc. All rights reserved

Executive Summary

A survey of 182 IT security and operations professionals reveals that the greatest business security risks and challenges come from within the organizational boundaries. This state of network security has important implications as next-generation firewalls (NGFWs) gain adoption, out of the necessity for security teams to gain visibility and control at a more granular level.

Processes need improvement. Out-of-process firewall changes have resulted in system outages for a majority (54.5%) of the organizations surveyed. Time-consuming manual processes, and lack of visibility, top the list of the greatest challenges in managing network security devices. Clearly, internal processes are the dominant issue for most IT Security and Operations departments.

Next-generation firewalls: addressing the risks, at a cost. For our respondents who have adopted NGFWs, a significant number are able to directly address their greatest security concerns, and an overwhelming number have improved their level of security. However, with more data available and more complex policies to manage, security administrators are carrying a greater load, both in the complexity of their firewall policies, and the time required to manage them.

Security is an inside job. As serious as threats may be from hackers and malware, only one out of five respondents see external threats as their #1 risk. IT Security and Operations departments are more focused on gaining visibility into their applications and networks, improving processes that are time-consuming and error-prone, and defending against internal threats.

While security teams are already concerned about the quality of their processes for managing security policies, the adoption of NGFWs is adding even more scale and complexity to their load. As NGFWs are adopted more widely, IT Security and Operations teams will need to carefully evaluate the costs and benefits, and plan improvements to their firewall management policies, to avoid increasing security risks and the costs of preventing them.

About the Survey

The “State of Network Security 2012” survey was conducted to analyze security risks and operational challenges, and gauge the effects that next-generation firewalls are having upon IT security professionals’ workload.

182 respondents completed the survey, which was targeted to members of IT Security departments (68.1% of respondents) and IT Operations departments (31.9% of respondents). There were no statistically significant differences in the responses from these two groups.

The survey was administered on the show floor at RSA Conference 2012 US, held in San Francisco, February 27–March 2, 2012.

Challenges to Network Security: Processes are Problematic

When asked to name their single greatest challenge in managing network security devices, time-consuming manual processes was selected by nearly one-third, or 30.0%, of the respondents (see Figure 1). Lack of visibility into network security policies ranked second, with 21.7%. The majority of top challenges lie with processes: time-consuming manual processes, poor change management processes, and error-prone processes add up to 55.6% of the top challenges.

Figure 1: "What is the greatest challenge when it comes to managing network security devices in your organization?" Time-consuming manual processes, 30.0%; Lack of visibility into network security policies, 21.7%; Poor change management processes, 15.6%; Preventing insider threats, 13.3%; Error-prone processes cause risk, 10.0%; Tension between IT admin and InfoSec teams, 9.4%.

Out-of-Process Changes Cause System Outages

Respondents were asked to name the failures that an out-of-process change has caused in their organization. For 77.0% of respondents, out-of-process changes caused either a system outage, a data breach, an audit failure, or more than one of these serious problems.

Figure 2: "In your organization, an out-of-process change has resulted in..." (bar chart; categories: Data breach, System outage, Failing an audit, None of the above).

Alarmingly, system outages are known to have occurred for more than half of the respondents, 54.5%, more than twice as frequently as data breaches or audit failures (see Figure 2). In fact, for 11.2% of the respondents, out-of-process changes causing system outages was named as the #1 risk to IT security (see Figure 6, later in this report).

It is important to note that the survey only captured problems that the respondents were aware of. Undiscovered data breaches may account for the relatively low percentage of data breaches reported.

Next-Generation Firewalls

Of the survey respondents, only 41.2% have implemented next-generation firewalls (NGFWs) to date, indicating that the peak of their adoption rate is still ahead. When these respondents were asked whether NGFWs help them feel more secure, 84.0% answered in the affirmative, thus validating the value of NGFWs for most organizations. 46.7% of the sample cited better control as the reason for a greater feeling of security. 37.3% of the sample cited increased visibility (see Figure 3).

Figure 3: "Do you feel more or less secure now that you have deployed NGFWs?" Yes: We have improved control, 46.7%; Yes: We have increased visibility, 37.3%; No: Increased policy management introduces error and risk, 12.0%; No: Increased incidence of out-of-process changes, 4.0%.

NGFWs have, however, failed thus far to improve security for about one of every six organizations that use them. Of the 16.0% that did not feel more secure with NGFWs, three-quarters of them (12.0% of the total) cited increased policy management as the impediment, and the other one-quarter (4.0% of the total) cited an increased incidence in out-of-process changes (see Figure 3). The greater visibility and control afforded by NGFWs clearly must be balanced with the ability to manage a more complex security policy.

Another of the survey questions validates this point further: “As a percentage of your daily workload, how much more time does managing next-gen firewalls add to your firewall management process?” The average of the responses received is 12.5%. In other words, NGFWs add an average of one hour per day per full-time employee—a significant cost. Organizations considering adopting NGFWs would be well advised to work to automate their firewall management processes across their entire estate, so they can reap the full benefits without increasing workload.

When specifying the reasons NGFWs have added to the workload, 40.8% stated that their NGFW policies were managed separately from traditional firewall policies. On the other hand, centralized management prevented additional work for almost a quarter, 23.9%, of the respondents with NGFWs (see Figure 4).

Figure 4: "Have next gen firewalls added more to your firewall management processes?" Yes: NGFW policies managed separately, 40.8%; No: management is centralized, 23.9%; Yes: additional policies must be managed, 22.5%; Yes: more info to gather for audits, 12.7%.

Therefore, 76.1% of NGFW users surveyed have room for improvement in their policy management, or they must bear the costs of a greater workload. It is interesting to compare this number to the 84.0% who have improved security; most users see value, and most users bear additional costs for that value.

Risks to Security: More Management than Malice

The greatest IT risk that enterprises face is lack of visibility into applications and/or networks, at 28.7% (see Figure 5), making lack of visibility both a top risk and a top challenge (compare to Figure 1).

Despite the attention that hackers and other external security threats receive, it is internal, not external threats, which are perceived as greater risks. Financially motivated hackers and political “hacktivists,” combined, are the top risks for 19.6% of respondents, compared to 27.5% for insider threats.

Surprisingly, while malicious threats, both inside and outside, are perceived as the greatest risk in a total of 47.1% of enterprises, the majority of organizations point to a management or visibility issue as their greatest risk. These are conditions that can be improved with automation: poor change management, out-of-process changes that cause system outages, and lack of visibility add up to 52.8% of the top risks reported.

Figure 5: "What is the greatest risk your enterprise faces today?" Lack of visibility into applications and/or networks, 28.7%; Insider threats, 27.5%; Financially-motivated hackers, 14.0%; Poor change management, 12.9%; Out-of-process changes causing system outages, 11.2%; Political "hacktivists", 5.6%. (Outsider threats, the two hacker categories combined: 19.6%.)

Conclusions

While enterprise IT Security and Operations teams enjoy a reputation for defending against evil threats, their true enemies are process complexity and lack of visibility.

Next-generation firewalls are bringing value to most organizations that adopt them. They will certainly gain wider adoption, for the additional visibility and control they afford. However, the downside of NGFWs is added process complexity—which only intensifies the top security risks and challenges that IT already faces.

Therefore, organizations that adopt NGFWs have a double challenge. First, to use NGFWs in a way that will address their current challenges and risks effectively. Second, to streamline their firewall change management processes so they can prevent additional workload, keep security risks under control, and realize the added benefits of NGFWs.

By streamlining ahead of NGFW implementation, IT organizations can get immediate relief from most of their common challenges, while setting the stage for the next generation of security.
